U.S. Department of Agriculture
Office of the Chief Information Officer (OCIO)
OMB Control Number: 0503-0014
USDA eAuthentication Service Customer Registration
Purpose:
The purpose of this OMB review request is to obtain a 3-year renewal and approval for information collection for USDA OCIO eAuthentication Service account registration. New USDA customers must provide information during the online registration process and, if applicable, the identity verification process, which is accessible through the USDA eAuthentication web site, www.eauth.usda.gov. This voluntary online self-registration and identity verification process enables USDA customers to obtain accounts that will enable them to access USDA web applications and services via the Internet. The objectives of this self-registration and identity verification process are to employ standardized methods for verifying the identity of USDA customers/partners and to manage their credentials in support of electronic alternatives to traditional ink signatures. In addition, this centralized service eliminates the need for USDA agency applications to build authentication services into each application.
Background:
The USDA provides services to ranchers and farmers ranging from development and economic assistance; farm loans and subsidies; and land, water, and livestock resource management. In addition, the USDA is responsible for the federal government’s major agricultural procurements and generation and dissemination of natural resource research data. The USDA also leads the Federal anti-hunger effort by providing human nutrition services through the Food Stamp, School Lunch, School Breakfast, and the Women, Infant, and Children (WIC) Program.
Initially, USDA developed an online user authentication and authorization system known as the Web Central Authentication and Authorization Facility (WebCAAF), which consisted of a one-time registration for customers desiring access to any online service that required authentication. Form AD-2016, USDA Registration Form to Request Electronic Access Code, was used to collect the minimum information necessary to verify and validate the identity of the customer before issuing user access credentials. Despite providing user authentication and authorization electronically, WebCAAF exhibited limited capabilities in that it serviced only form submissions of the USDA SCAs and required a manual submission process for Form AD-2016.
In January 2003, the USDA initiated the eAuthentication Service, an expanded USDA enterprise-wide authentication and authorization service for all USDA web-based applications to provide a single point of entry for conducting business online with USDA. Customers desiring access to any service that utilizes the eAuthentication Service are required to complete a one-time electronic self-registration to obtain an eAuthentication account. An account provides users with limited access to USDA web sites. Customers wanting to conduct USDA official electronic business transactions, enter into a contract with the USDA, or submit USDA forms electronically via the Internet must verify their identity. The identity proofing process does not have to be completed immediately following the eAuthentication account registration. USDA web applications restricting access to eAuthentication accounts with identity verification will redirect users to the eAuthentication Service to complete the identity proofing process.
Customers may choose to have their identity verified in-person by a USDA Local Registration Authority (LRA) or through an online identity proofing service. Once the identity is verified, customers may use the associated user ID and password to access USDA resources through the eAuthentication Service.
The eAuthentication system is developed and managed by the Office of the Chief Information Officer (OCIO). eAuthentication collects customer information under OMB Control Number 0503-0014.
Supporting Statement
Justification
Explain the circumstances that make the collection of information necessary.
Authority for obtaining new information from users, as alternatives to traditional paper-based processes, is included in Section 2, (c), of the Freedom to E-File Act (Pub. L. 106-222), the Government Paperwork Elimination Act (GPEA, Pub. L. 105-277), the Electronic Signatures in Global and National Commerce Act (E-SIGN, Pub. L. 106-229), E-Government Act of 2002 (H.R. 2458), and GRAMM–LEACH–BLILEY ACT (Pub L. 106-102., 502-504). Conducting online transactions necessitates processes for authenticating and authorizing online users and completing transactions with an electronic equivalent to traditional ink signatures. The information collected from the eAuthentication web site enables the electronic authentication and authorization of users to conduct official business with USDA through web-based applications.
Indicate how, by whom, how frequently, and for what purpose the information is to be used.
The USDA eAuthentication Service provides public and government businesses single sign-on capability for USDA applications, management of user credentials, and verification of identity, authorization, and electronic signatures. USDA eAuthentication Service obtains customer information through an electronic self-registration process provided through the eAuthentication web site. This voluntary online self-registration process applies to USDA Agency customers who request access to USDA web applications and services utilizing eAuthentication via the Internet. Registrants can self-register online from the eAuthentication web site, located at www.eauth.usda.gov, for an eAuthentication account. An eAuthentication account has an associated user ID and password which enables the electronic authentication of users. A user will then have access to authorized resources without needing to re-authenticate within the context of a single Internet session. The user ID and password and permissions associated with an account are what authenticates and authorizes a user to access a requested USDA resource.
A customer eAuthentication account without identity verification, also considered anonymous, provides limited access to USDA web site portals and applications that have minimal security requirements. eAuthentication accounts, without identity verification, do not allow the customer to conduct official business transactions with the USDA via the Internet. The account may be used, for example, to customize a web portal page, obtain general information about a specific USDA agency, or participate in public surveys for a USDA agency. A registrant can self-register for an eAuthentication account directly from the USDA eAuthentication web site located at www.eauth.usda.gov.
A customer eAuthentication account with identity verification provides the ability to conduct official electronic business transactions with the USDA via the Internet, such as entering into a contract with the USDA and submitting forms electronically via the Internet with a USDA agency. A customer trying to access an application requiring a higher identity assurance will be directed to the eAuthentication Service for identity proofing. The customer is prompted to provide their home address, city, state, country, zip code, telephone number, and date of birth. The customer can select one of two identity proofing methods 1) In-person through a Local Registration Authority (LRA) or online using a USDA identity verification service provider. If the online identity proofing method is selected, the customer is required to enter a social security number. It is estimated to take a customer three (3) minutes to provide the additional information necessary for identity proofing.
In-Person Identity Proofing:
If the customer selects the in-person method, the customer must visit a USDA Service Center and present a government issued photo ID to a trained Local Registration Authority (LRA), who confirms the customer’s identity and updates the eAuthentication account as being identity proofed. It is estimated to take a customer sixty (60) minutes to drive to a local USDA Service Center and complete the identity proofing process.
Online Identity Proofing:
For the online identity verification method, a social security number is required and is entered at the same time the other data is entered. The eAuthentication Service makes web service calls to the online identity verification service and displays the questions received from the web service calls to the customer. The customer must answer the questions correctly, within a threshold, in order to be successfully identity proofed. It is estimated it takes customers 5 minutes to complete the online identity verification process. The web service updates the eAuthentication account as being identity proofed.
Certain personal information collected through the online self-registration process is conditionally shared with USDA agencies in order to integrate USDA resources with the eAuthentication Service. Sensitive data such as passwords are never shared. Systems receiving eAuthentication Service data are required to have an approved Authority to Operate (ATO) in effect. In addition, the eAuthentication Service requires an agency signed ICAM Memorandum of Understanding that describes the data handling requirements (e.g., storage, transfer) for ad hoc data requests. USDA agencies receiving data through automated data connections, are required to follow USDA security requirements including but not limited to data management and protection, system logging, incident response, and backup/recovery.
Use of information technology.
Users can obtain an eAuthentication account solely through the online self-registration form. There is not a paper-based form available to register for an eAuthentication account. Users must access the eAuthentication web site to complete and submit the self-registration form electronically. The eAuthentication Service uses the registrant’s email address as the eAuthentication userid, which is entered by the registrant during the eAuthentication account self-registration process.
Each eAuthentication account contains an assigned userid (the registrant’s email address) and password that was created by the user. In addition, each account contains associated roles or permissions, given by administrators, which allow the user to request access to USDA applications. The user ID and password and permissions associated with an account are what authenticates and authorizes a user to access a requested USDA resource.
The eAuthentication Service complies with the E-Government Act by eliminating the need for traditional paper-based forms. In addition, the eAuthentication Service provides full electronic reporting capabilities as required in the E-Government Act. Also, the use of a national credit bureau complies with the Gramm-Leach-Bliley Act.
Describe efforts to identify duplication.
The eAuthentication Service, by nature, eliminates the need for USDA agencies to create authentication processes within their applications, which saves the agencies development and maintenance time and money. Not all USDA customers need an eAuthentication account, only those who want to access USDA websites that are protected by eAuthentication. Therefore, the eAuthentication Service cannot obtain customer information from other systems. There is also no alternate USDA enterprise service for authenticating and authorizing users electronically.
Methods used to minimize burden on small businesses or other small entities.
The reporting requirements in this information collection package will not affect small businesses. The online self-registration form is identical for all applicants irrespective to their volume or business. Therefore, no additional burden is being placed on businesses of any particular size. eAuthentication accounts are individual accounts; therefore, small businesses or small entities are not impacted.
Consequence if the information collection is not conducted or is conducted less frequently.
The information collected through the online eAuthentication self-registration form is only collected once. If the information is not ever collected, the user must continue to conduct business with USDA through the existing paper-based processes.
Special Circumstances.
requiring respondents to report information to the agency more often than quarterly;
requiring respondents to prepare a written response to a collection of information in fewer than 30 days after receipt of it;
requiring respondents to submit more than an original and two copies of any document;
requiring respondents to retain records, other than health, medical, government contract, grant-in-aid, or tax records for more than three years;
in connection with a statistical survey, that is not designed to produce valid and reliable results that can be generalized to the universe of study;
requiring the use of a statistical data classification that has not been reviewed and approved by OMB;
that includes a pledge of confidentiality that is not supported by authority established in statute or regulation, that is not supported by disclosure and data security policies that are consistent with the pledge, or which unnecessarily impedes sharing of data with other agencies for compatible confidential use; or
requiring respondents to submit proprietary trade secret, or other confidential information unless the agency can demonstrate that it has instituted procedures to protect the information's confidentiality to the extent permitted by law.
There are no special circumstances.
Federal Register notice, summarization of comments, and consultation with persons outside the agency.
A Notice to request the renewal of this information collection was published in the Federal Register on Friday, March 10, 2023 (Vol. 88, No. 47, pgs. 14970-14971). No comments were received.
The ICAM Program provides presentations, demonstrations, and communications to USDA mission areas, agencies, and staff offices on a regular basis. Customer feedback is provided to ICAM through the mission areas, agencies, and staff offices.
Explain any decision to provide any payment or gift to respondents.
The agency does not provide any payments or gifts to respondents for information collected through the USDA eAuthentication web site.
Confidentiality provided to respondents.
All information collected will be treated as confidential in compliance with the Privacy Act and Freedom of Information Act.
The current System of Record Notice (SORN), USDA eAuthentication Service, was published on January 26, 2017 , (Volume 82, No.50, page 8503).
Questions of a sensitive nature.
The information requested through the eAuthentication web site is not considered of a sensitive nature (such as religious beliefs, sexual behavior and attitude, etc.).
Estimate of burden.
USDA agency customers register for an eAuthentication account. Registrants submit a one-time online self-registration form and respond to a confirmation email to obtain a registered eAuthentication account. On average, 235,092 customers register for a non-verified eAuthentication account annually. Of the 235,092 customers, 72,912 customers register for an identity verified eAuthentication account annually which requires providing additional information and time.
To complete the online self-registration it is estimated to take 3 minutes to read, understand, and complete the online self-registration form. 3 minutes divided by 60 minutes = 0.05 hours. The estimated annual public burden cost is $214,051.27 which is based on the annual burden of 11,754.60 hours (235,092 responses * 0.05) multiplied by an average hourly wage of $18.21 per customer. The average hourly wage is based on the mean hourly rate of Farming, Fishing, and Forestry Occupations in the Agriculture, Forestry, Fishing and Hunting sector of the May 2022 National Industry-Specific Occupational Employment and Wage Estimates. This hourly wage estimate is provided through the Bureau of Labor Statistics and can be directly accessed at Farming, Fishing, and Forestry Occupations
To begin the identity proofing process, it is estimated to take 3 minutes to read, understand, and complete the additional fields required for identity proofing, which is an annual public burden cost of $66,386.38.
For online identity verification, it is estimated to take 5 minutes to answer the online knowledge-based questions provided by a USDA identity verification service provider. 5 minutes divided by 60 minutes equals 0.08 hours. Out of 72,912 responses, it is estimated that 91% will select this option for identify verification, which is 66,350 (72,912 * 0.91) with an annual cost of $96,658.68. 66,350 responses * .08 hours = 5,308 hours. Multiplied by an average hourly wage of $18.21 per customer equals $96,658.68.
For identity verification through an LRA, it is estimated to take 1 hour to travel to the nearest USDA Service Center. It is estimated that 9% of respondents select this option. 72,907 * 0.09) = 6,562. It is estimated that 6,562 hours (6,562 * 1 hour) multiplied by an hourly wage of $18.21 per customer equals $119,494.02.
Total annual cost burden to respondents.
The information collection and reporting burden does not impose any capital or start-up costs to respondents. The information is already known by respondents and there are no ongoing or follow-up reporting requirements that impose any costs but for the one-time collection.
Provide estimates of annualized cost to the Federal government.
The estimated cost to the Federal government is $87,530.04. The activity that goes into this calculation is LRA program management costs, LRA access management, and LRA identity verification costs. The LRA program management, which includes training, documentation, and communication is $7,646.40 which is based on 180 hours per year. Using the average salary of a civilian worker (https://www.bls.gov/news.release/pdf/ocwage.pdf) which is $42.48 per hour (180 * $42.48 = $7,646.40). To manage LRA access, it is estimated to take 240 hours per year. Using the average civilian worker salary at $42.48 per hour; the total cost to manage LRA access is $10,195.20 (240 hours * $42.48). It is estimated to take 15 minutes per identity verification transaction. 15 minutes divided by 60 = 0.25 hours. The estimated annual number of respondents requiring in-person identity verification is 6,562, which would require 1,640.50 hours per year. Using an average annual salary of civilian worker is $88,358.40, which is $42.48 per hour ($88,358.40/2080 =$42.48). The estimated annual cost to verify identities is $69,688.44(1,640.50 * $42.48) The total cost of identity verifications through an LRA is $87,530.04 ($7,646.40+$10,195.20+$69,688.44). LRA program management costs ($7,646.40 + LRA access management costs $10,195.20 + LRA identity verification costs $69,688.44).
Reasons for changes in burden.
The number of respondents increased from 173,088 in 2019 to 235,092 in 2022. This is due to more USDA programs being offered through the Farm Bill, other agency service offerings, and agencies integrating with ICAM services to meet FISMA requirements and cybersecurity mandates.
The amount of time to create an eAuth account, provide additional information, and visit an LRA remained the same. The number of customers utilizing the online identity verification process increased from 85% in 2019 to 91% in 2022. Due to the number of respondents increasing, the burden hours also increased to 27,270.20 hours in 2022 from 13,598 in 2019.
As more people are exposed to online identity verification, the time to complete the knowledge-based questions decreased from 10 to 5 minutes.
Outline plans for tabulation and publication.
The information collected is not planned for publication. It will only be used to provide the customer authorized access to applications.
Reasons display of expiration date for OMB approval of the information collection is inappropriate.
The USDA eAuthentication Service requests permission from OMB to not post the expiration date. The self-registration form will be used for a one-time registration process.
Exceptions to the certification statement identified in Item 19 of the OMB 83-I form.
There are no exceptions to the certification statement.
File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
File Modified | 0000-00-00 |
File Created | 2023-08-25 |